Router Configuration Backups?? [7:70009]
Hey Group, I have a number of routers that don't get their configs backed up on a regular basis... does anyone have (or know of) any software products out there that will do the backups for me... or even better still, let me know if a config is changed by someone?? Thanks --Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70009&t=70009 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Boson test 1,2 or #3 [7:70605]
#3 is the best in my opinion ""David Power"" wrote in message news:[EMAIL PROTECTED] > I am thinking to buy boson tests for ccie 350-001 (R&S),if someone just want > to buy one which one it should be 1,2 or # 3. > Thanks, > David > > _ > MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. > http://join.msn.com/?page=features/virus Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70609&t=70605 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Pix Log Analysis [7:72328]
Hey People, I'm looking for an app or a script that will analyse my Pix logs preferably in real-time. I have my logging turned up so I get all the TCP session creations and tear-downs, and all the URL's accessed and a bunch of other stuff. So any ideas?!! Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72328&t=72328 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX DNS Issue [7:72685]
You know I've had similar weirdness with my Pix (6.3) and DNS. I have 2 internal AD DNS servers and 2 external BIND DNS servers. The 2 external DNS servers sit outside the PIX and AD DNS server obviously sit behind the Pix on the inside network. I have a host mail that has a different DNS entry on both internal and external name servers. Let's say internally the IP is 10.1.1.10 and externally 203.132.60.10. When I am on a host on the internal network and query the external name server it seems like the response comes from the internal dns server... example below: I'm trying to resolve mail on the external name server. When I'm on the external name server (or outside the Pix) the response is always 203.132.60.10. However, when I'm on an internal host and do a look up against the external name server I get 10.1.1.10 as the answer everytime! So it seems like the Pix is grabbing that DNS query and sending it to the internal name server instead of letting it through... Any ideas as to why?? Stevo wrote in message news:[EMAIL PROTECTED] > PIX treats DNS queries little different, especially replies. The client > has the potential of contacting multiple DNS servers sequentially in the > event the first one experiencing some delays. The PIX keeps track of > all them and allows one reply to come back through. I'm not sure if > things changed in the version but its a good idea to check.. HTH > > Thanks...Nabil > > "I have never let my schooling interfere with my education." > > > > Andrew > Larkins > > cc: > Sent by: Subject: RE: PIX DNS Issue > [7:72685] > > [EMAIL PROTECTED] > > om > > > 07/21/2003 09:41 > AM > Please respond > to > Andrew > Larkins > > > > > > > Please send the config and we can have a look. > > -Original Message- > From: Tunde Kalejaiye [mailto:[EMAIL PROTECTED] > Sent: 21 July 2003 11:57 > To: [EMAIL PROTECTED] > Subject: PIX DNS Issue [7:72685] > > > I swapped a router running ios firewall with a pix 506e and i have been > having > all sorts of issues. first, is the DNSall clients use an internal > DNS > server which forwards all request to an external DNS serverthis > works > fine > with the router but with the PIX it doesnt work. when i configured the > clients > to use the external DNS server everything worked fine. The pix box is > running > the 6.3 code. > > > i know i am missing something...but can't figure it out yet...i really > would > appreciate any comments. > > regards, > > Tunde Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72711&t=72685 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
List of Vulnerable IOS Versions?? [7:72758]
Hey All, I'm doing an audit on my Cisco gear and wondered if Cisco has a list of IOS versions that had security holes in them. I don't care about what the hole is, but I do care that I'm running a vulnerable IOS version! Let me know Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72758&t=72758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat 4000 Connectivity Issues! [7:72823]
Hey All, I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not ping or telnet to it anymore. It is passing traffic just fine however the only way I can connect to it is to ping it FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Microsoft VPN through a router [7:72824]
Steve, You need to open GRE to from any source to your VPN server and then depending on whether you're using PPTP or L2TP make sure you have either tcp/1723 or tcp/1701 open. My ACL looks like this for PPTP access... access-list 101 permit tcp any host eq 1723 access-list 101 permit gre any host Stevo ""Steven Aiello"" wrote in message news:[EMAIL PROTECTED] > I was wondering what ports I would need to have open for a Microsoft VPN > connection on my router. If I have done my home work correctly I think > > IPSec port: 50 > L2TP port : 1701 > PPTP port : 1723 > > Are these all TCP, UDP??? > > I don't really have a full understanding of how the protocal and port > process of a VPN works. I understand the theroy; how IPSec incryptes > the info in a tunnel data portion of another IP packet blaa blaa blaa. > But any more aditional detailed info would be great. > > Thanks, > Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72831&t=72824 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat 4000 Connectivity Issues! [7:72823]
LOL - I just re-read my post... to clarify - I can not ping it, but I can console to it... And none of the VTYs are in use. In fact, when I'm consoled into the device it can telnet itself just fine! Really bizarre... ""MADMAN"" wrote in message news:[EMAIL PROTECTED] > John Neiberger wrote: > >>>>>Stevo 7/23/03 12:02:28 PM >>> > >>>> > >>Hey All, > >> > >>I have a Cat 4006 running in native mode (running IOS 12.1(13) and can not > >>ping or telnet to it anymore. It is passing traffic just fine however the > >>only way I can connect to it is to ping it > >Are you sure you haven't used all your VTY's? Do you get a > connection refused when trying to connect? You could be so low on > memory that it's unable to create and exec and will crash on it's own in > time. > >Dave > > > > > > > I'm confused. Can you ping it or not? :-) > -- > David Madland > CCIE# 2016 > Sr. Network Engineer > Qwest Communications > 612-664-3367 > > "Government can do something for the people only in proportion as it > can do something to the people." -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72856&t=72823 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: List of Vulnerable IOS Versions?? [7:72758]
So no one has any info for me on this?? > Hey All, > > I'm doing an audit on my Cisco gear and wondered if Cisco has a list of IOS > versions that had security holes in them. I don't care about what the hole > is, but I do care that I'm running a vulnerable IOS version! > > Let me know > > Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72858&t=72758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Routers and Switches [7:72852]
www.ebay.com wrote in message news:[EMAIL PROTECTED] > Hi there, > > Can you please advise any good resource to buy used/refurbished/cheap Cisco > gear? > > Thanks. > Bharat Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72859&t=72852 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX DNS Issue [7:72685]
Well that's exactly right... Thanks for the links Chavira! Stevo ""Chavira Luis"" wrote in message news:[EMAIL PROTECTED] > No, the PIX "translates" the response in a DNS proxy manner. This helps when > a host has a static translation using the pix. > > For example, imagine the 10.0.0.1 (inside) and 200.33.76.1 (outside) pair. > The external BIND will answer the query with the external IP, but the PIX > will translate the answer so the inside client won't have to "go" outside. > > please review this link: > NAT command (note the "dns" keyword) > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref /mr.htm#1032129 > ALIAS command (might not be useful to you) > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref /ab.htm > > Hope it helps some > > Luis Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73126&t=72685 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cat 4000 Modules [7:73213]
I just bought a WS-X4148-RJ module for my Cat4006. Is this a hot-swappable module?? Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73213&t=73213 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Port Spanning (Monitoring) [7:73320]
Hey all, I have a 3640 router with 2 ethernet interfaces (I'm only using 1 of them) - I'd like to connect a sniffer up to the unused ethernet interface and monitor the traffic from the other interface. Is this possible on a router?? Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73320&t=73320 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Spanning (Monitoring) [7:73320]
I wanted to span the port so I could attach an IDS sensor to it to monitor the traffic entering / leaving my network. ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > Don't ask me how ATM got into it. Someone said they would like the ability > to SPAN ATM traffic, and I just can't figure out how that would be possible. > > Even if we are talking about SPANning between Ethernet interfaces I still > believe that a packet capture facility would be useful... > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information which > may be legally privileged. It is intended only for the named recipient(s). > If an addressing or transmission error has misdirected the email, please > notify the author by replying to this message. If you are not the named > recipient, you are not authorized to use, disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: Creighton, Bill, NSPM [mailto:[EMAIL PROTECTED] > Sent: Friday, August 01, 2003 1:32 PM > To: [EMAIL PROTECTED] > Subject: RE: Port Spanning (Monitoring) [7:73320] > > Did I miss a post? Where did ATM and Ethernet come into this? I thought we > were talking about 3600 Ethernet interfaces, not network modules... > > I don't know what type of traffic you're looking to sniff - obviously layer > 2 since we're talking frames vs. cells, ATM vs. Ethernet, but if you're > looking to MONitor a traffic from a non-source, non-destination workstation, > wouldn't that indicate an RMON probe like NI's Observer? Using an RMON probe > wouldn't require you to occupy the other router interface, just connected to > that network on the switch or hub... > > Bill Creighton CCNP > Network Design Engineer, eVPN > AT&T Business Service Delivery NSPM > 231 Martingale Road, Suite 800 > Schaumburg, IL 60173-2008 > Office: 847-407-4108 > Fax: 847-598-6400 > Mobile:630-290-7000 > [EMAIL PROTECTED] > > > > -Original Message- > > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > > Sent: Friday, August 01, 2003 11:32 AM > > To: [EMAIL PROTECTED] > > Subject: RE: Port Spanning (Monitoring) [7:73320] > > > > > > I don't think that is logically possible. How are you going > > to span ATM > > cells onto Ethernet frames? A MUCH better facility would be > > to specify a > > chunk of memory and do a packet capture, which could be > > filtered with an ACL > > and downloaded with FTP or TFTP (either from or to an IOS box would be > > acceptable to me). Then you could look at actual ATM cells, > > given a decoder > > that understood them... > > > > Fred Reimer - CCNA > > > > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > > > > NOTICE; This email contains confidential or proprietary > > information which > > may be legally privileged. It is intended only for the named > > recipient(s). > > If an addressing or transmission error has misdirected the > > email, please > > notify the author by replying to this message. If you are not > > the named > > recipient, you are not authorized to use, disclose, > > distribute, copy, print > > or rely on this email, and should immediately delete it from > > your computer. > > > > > > -Original Message- > > From: alaerte Vidali [mailto:[EMAIL PROTECTED] > > Sent: Friday, August 01, 2003 11:00 AM > > To: [EMAIL PROTECTED] > > Subject: RE: Port Spanning (Monitoring) [7:73320] > > > > It would be useful if the IOS guys added this facility. Specially for > > monitoring ATM interfaces (sniffer ATM modules are really expensive). > > **Please support GroupStudy by purchasing from the GroupStudy Store: > > http://shop.groupstudy.com > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73391&t=73320 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Catalyst 5500 Sup IIIF [7:73948]
Hey Peeps, Does anyone know the part number for a Sup IIIF card for a Cat5500?? I've searched around and can't find it! Thanks Stevo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73948&t=73948 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: PIX License upgrade procedure [7:73769]
Okay so I went through the process to get a new 3DES key for my Pix and after the upgrade I went from an Unrestricted License to a Restricted License?? What gives?? The only change was that my Pix now doesn't have a failover license... but before it did! And now I have only 3 Maximum Interfaces... WEAK! BEFORE: Licensed Features: Failover: Enabled VPN-DES:Enabled VPN-3DES-AES: Disabled Maximum Interfaces: 6 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: Unlimited Throughput: Unlimited IKE peers: Unlimited This PIX has an Unrestricted (UR) license. AFTER: Licensed Features: Failover: Disabled VPN-DES:Enabled VPN-3DES-AES: Enabled Maximum Interfaces: 3 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: Unlimited Throughput: Unlimited IKE peers: Unlimited This PIX has a Restricted (R) license. wrote in message news:[EMAIL PROTECTED] > SHORT! Client paid for it like half a year ago or something. > > Martijn > > -Oorspronkelijk bericht- > Van: Wilmes, Rusty [mailto:[EMAIL PROTECTED] > Verzonden: maandag 11 augustus 2003 14:57 > Aan: [EMAIL PROTECTED] > Onderwerp: RE: PIX License upgrade procedure [7:73769] > > > h - how long has it been free ? > -Original Message- > From: Joshua Vince > To: [EMAIL PROTECTED] > Sent: 8/11/2003 4:04 AM > Subject: RE: PIX License upgrade procedure [7:73769] > > It is free now. > > http://www.cisco.com/cgi-bin/Software/FormManager/formgenerator.pl > > You will need a CCO login. > > Josh > > -Original Message- > From: Hitesh Pathak R [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 09, 2003 6:58 AM > To: [EMAIL PROTECTED] > Subject: PIX License upgrade procedure [7:73769] > > > Hi , > > I just need to know what is the procedure if I want to upgrade my PIX > license to enable VPN-3DES feature (which is presently disabled). Either > thru CCO or by the mean of TAC case with Cisco ?? Is it free from Cisco > or chargeable ?? > > Many thanks in advance > > Thnx > > Hitesh > > > **Disclaimer > > Information contained in this E-MAIL being proprietary to Wipro Limited > is 'privileged' and 'confidential' and intended for use only by the > individual or entity to which it is addressed. You are notified that > any use, copying or dissemination of the information contained in the > E-MAIL in any manner whatsoever is strictly prohibited. > > > *** > > [GroupStudy removed an attachment of type image/jpeg which had a name of > Glacier Bkgrd.jpg] > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73949&t=73769 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Data Center Design [7:74126]
I'd be interested in both those docs Larry... ""Larry Letterman"" wrote in message news:[EMAIL PROTECTED] > Are you interested in doing the ground up, or just the network > Side..I have been involved in both... > > > Larry Letterman > Cisco Systems > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Juan Blanco > Sent: Monday, August 18, 2003 2:22 PM > To: [EMAIL PROTECTED] > Subject: Data Center Design [7:74126] > > > Team, > Where will I be able to find information about designing a Data > Center Room. As always I appreciate your help and recommendation. > Thanks, > > Juan > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74207&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
